Pub. 1 2024 Issue 3

of this incident, even if not making a claim, to avoid arguments by the carrier that a notification delay caused prejudice to the carrier. The carrier will also be helpful in the notification process if necessary. Nevertheless, stay informed because date breach notification time frames are very narrow. TIPS FOR DATA SECURITY AT YOUR DEALERSHIP Ensuring the security of your dealership’s data is more crucial than ever. Evaluate how your organization protects user data and consider steps to enhance its security. Here are some essential tips to keep your dealership’s data secure: • Create Secure Passwords: Strong passwords are the first line of defense against unauthorized access. Use long passwords with a mix of uppercase and lowercase letters, numbers and special characters. • Set Up Multifactor Authentication: Multifactor authentication (MFA) adds an extra layer of protection by requiring multiple forms of verification, making it significantly harder for unauthorized users to gain access. With MFA, even if one credential is compromised, additional authentication factors can prevent attackers from accessing all sensitive information. • Encrypt Your Data: Data encryption transforms readable data into an unreadable format, ensuring that even if unauthorized parties gain access to the data, they cannot interpret or misuse it without the decryption key. Customer data must be encrypted at rest and in transit on the networks and systems that you use. • Identify and Address Phishing Messages: Phishing attacks are a common method for cybercriminals to gain access to sensitive information. These attacks often involve deceptive messages that lure individuals into clicking malicious links. Ensure your employees are educated on how to recognize and avoid phishing attempts. Test their skills with tools like Google’s phishing quiz at phishingquiz.withgoogle.com. • Minimize Public Wi-Fi Use: Public Wi-Fi networks are often unsecured, making them prime targets for cyberattacks. Encourage your employees to avoid using public Wi-Fi, especially when accessing company data. Provide secure private Wi-Fi in the workplace to reduce the risk of data breaches. • Back Up Your Data: In the event of a data breach, having backups of your data is essential. Regularly back up your data to ensure that you can recover important information if it is compromised. This practice can mitigate the impact of a breach and help maintain business continuity. • Partner with a SOC Compliance Vendor: SOC compliance refers to the set of standards and regulations that companies must adhere to ensure the security, availability and confidentiality of their customers’ data. Working with a vendor who is certified SOC-compliant can bring several benefits to your business. SOC compliance ensures that the vendor has established and implemented adequate controls to protect sensitive data and assets. By implementing these tips, you can strengthen your dealership’s data security and build trust with your clients. ENSURE YOU ARE SAFEGUARD COMPLIANT Need a partner in complete compliance? KPA is here for you! KPA Privacy & Safeguards software offers a comprehensive solution specifically designed for automotive dealerships to ensure complete compliance, protect customer data and streamline operations with a guided 10-step approach. Our robust 10-step compliance framework includes customized legal policies, technical safeguards and regular assessments to mitigate risks and ensure compliance. We’re your partners in true, complete compliance. Please reach out to us at info@kpa.io, by visiting kpa.io/automotive, or by giving us a call at (866) 856-1735. Step 1 Establish Safeguards Team Step 2 Written Risk Assessment Step 3 Written Information Security Program Step 4 Information Security Training Step 5 Simulated Phishing Attacks Step 6 Vendor Assessment and Agreements Step 7 Access Controls Step 8 Technical Requirements Step 9 Written Incident Response Plan Step 10 Written Annual Report Board 9

RkJQdWJsaXNoZXIy ODQxMjUw